Increasingly enterprises are attempting to utilize existing technology to conduct business and affairs in a distributed and more automated manner. For example, enterprises are now capable of deploying software services to remote facilities or customers over the Internet.
One technique for achieving this is the creation of a virtual machine (VM). A VM is a software abstracted layer that is partitioned within a physical machine environment to create and establish a different and dual environment from that which is associated with the physical machine. A single machine can have multiple VM's. Essentially, a VM acts as an independent environment and machine that is different from the physical machine on which it processes.
Yet, establishing a VM is not an automated exercise by any means and involves a variety of configuration settings. The VM has to be self-sustaining as an independent logical machine that actually uses the physical resources of a different machine. So, proper configuration of services within the VM is vital.
Another concern is a storage system used in the target physical environment for the VM. Specifically, modern storage systems largely exist to provide storage redundancy, flexible storage density, flexible storage assignment, storage access security, flexible storage sizing, etc. Yet, it has become increasingly difficult for modern data centers to host critical enterprise data on disk subsystems, which may be associated with only one computer. This situation is compounded by the pressure to consolidate execution environments in the data center and to use those environments more effectively.
Typically, a storage device includes a single physical port where access is obtained to the storage device. That port has to be used by the services of a VM if external storage beyond local direct-attached storage is to be used with the VM, which is necessary for VM's that have persistent data. To permit this, the VM or VM services have to include another application that provides access to the storage device and the VM services have to be pre-configured to interact with that application or the VM services have to be pre-configured to directly know and access the proper storage port. Additionally, there is little to no security that is capable of being applied to the port access. So, a VM service with access to a storage port can access the storage even when that VM service may be a rogue service with malicious designs. In fact, there is little to no security applied at the storage port.
Consequently, establishing VM's is a complicated exercise that lacks a substantial amount of security. Thus, what is needed is a mechanism, which allows for verifiable and flexible storage port assignments within virtual machines.